CVE-2024-56608Improper Validation of Array Index in Linux

CWE-129Improper Validation of Array Index58 documents6 sources
Severity
7.8HIGHNVD
OSV8.8OSV5.5OSV4.4
EPSS
0.0%
top 98.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedDec 27
Latest updateJul 18

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An issue was identified in the dcn21_link_encoder_create function where an out-of-bounds access could occur when the hpd_source index was used to reference the link_enc_hpd_regs array. This array has a fixed size and the index was not being checked against the array's bounds before accessing it. This fix adds a conditional check to ensure that the hpd_so

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel< 6.12.5
Debianlinux/linux_kernel< 5.10.237-1+3
Ubuntulinux/linux_kernel< 5.15.0-141.151+1
CVEListV5linux/linux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c280f722601c8bf4d8a9c62dd727cf3a2fd0a47be+6
debiandebian/linux< linux 6.1.128-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

28
OSV
linux-intel-iotg-5.15 vulnerabilities2025-07-18
OSV
linux-xilinx-zynqmp vulnerabilities2025-06-26
OSV
linux-aws-5.15, linux-gcp-5.15, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities2025-06-24
OSV
linux-hwe-5.15 vulnerabilities2025-06-24
OSV
linux-azure-5.15 vulnerabilities2025-06-24

📋Vendor Advisories

29
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2025-07-18
Ubuntu
Kernel Live Patch Security Notice2025-07-10
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2025-06-26
Ubuntu
Linux kernel (Azure) vulnerabilities2025-06-24
Ubuntu
Linux kernel vulnerabilities2025-06-24